★ Admin has mint() with unlimited max
Midas's assessment for RD-F-042 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
mTBILL.mint() requires M_TBILL_MINT_OPERATOR_ROLE. There is no token-level supply cap (Hacken Dec-2023: 'total supply of mTBILL is not limited'). The Dec-2025 Issuance Vault upgrade (0xC8AF8477) introduces maxSupplyCap at the vault level, with a setMaxSupplyCap() setter and a revert on 'MV: max supply cap exceeded', which partially constrains new issuance through the vault. However, the underlying mTBILL.mint() at the token level remains uncapped: a role-holder could mint directly. Yellow: the vault-level cap mitigates the most obvious path, but the token-level mint is still gated by role only, with no cap.
Sources
- Etherscan: Issuance Vault Dec-2025 impl. Etherscan DepositVault impl 0xC8AF8477: maxSupplyCap() function present in ABI; setMaxSupplyCap() setter; 'MV: max supply cap exceeded' error string in bytecode. Retrieved 2026-05-16.
- mTBILL.sol — Sherlock 2024-05. mTBILL.sol: mint() onlyRole(M_TBILL_MINT_OPERATOR_ROLE), no maxSupply check. Retrieved 2026-05-16.
- Hacken Dec-2023 audit — unlimited supply risk. Hacken Dec-2023: 'total supply of mTBILL stablecoin is not limited' — Risk section (not a formal finding, not fixed). Retrieved 2026-05-16.
Methodology
Determine whether an admin-callable `mint` on a protocol token has no supply cap or an unlimited maximum supply.
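A first-pass triage in the spirit of this methodology, as an added example (not the curator's tooling or Midas code): it scans parsed contract ABIs for a mint entry point and for cap getter/setter names, the same kind of ABI evidence cited in the sources. The ABI fragments, name patterns and result labels are constructed assumptions.

```python
import re

# Name patterns are assumptions chosen for this sketch, not a standard.
MINT_RE = re.compile(r"^mint", re.IGNORECASE)
CAP_RE = re.compile(r"(max.?supply|supply.?cap|^cap$)", re.IGNORECASE)

def functions(abi):
    """Return the names of all function entries in a parsed ABI list."""
    return [e["name"] for e in abi if e.get("type") == "function"]

def has_mint(abi):
    """True if the contract exposes a function whose name starts with 'mint'."""
    return any(MINT_RE.match(n) for n in functions(abi))

def cap_surface(abi):
    """Getter/setter names that suggest a supply cap exists on this contract."""
    return sorted(n for n in functions(abi) if CAP_RE.search(n))

def assess(token_abi, vault_abi):
    """Classify where (if anywhere) a supply cap is visible.

    ABI presence only shows that a cap exists, not that mint() enforces it;
    confirm against source or the revert string before scoring.
    """
    if not has_mint(token_abi):
        return "no-token-mint"
    if cap_surface(token_abi):
        return "token-cap-visible"
    if cap_surface(vault_abi):
        return "vault-cap-only"  # direct token mint stays role-gated, uncapped
    return "no-cap-visible"

# Constructed ABI fragments using the names cited above (not fetched on-chain).
TOKEN_ABI = [
    {"type": "function", "name": "mint",
     "inputs": [{"type": "address"}, {"type": "uint256"}]},
    {"type": "function", "name": "totalSupply", "inputs": []},
]
VAULT_ABI = [
    {"type": "function", "name": "maxSupplyCap", "inputs": []},
    {"type": "function", "name": "setMaxSupplyCap", "inputs": [{"type": "uint256"}]},
]

if __name__ == "__main__":
    print(assess(TOKEN_ABI, VAULT_ABI))
```

A "vault-cap-only" result corresponds to the situation described in the evidence summary: the cap is visible on the vault, while the token's own mint shows none.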